File _patchinfo of Package patchinfo.12322
<patchinfo incident="12322">
<issue tracker="bnc" id="1124593">VUL-0: CVE-2019-7164, CVE-2019-7548: python-SQLAlchemy: SQL Injection when the group_by parameter can be controlled.</issue>
<issue tracker="cve" id="2019-7548"/>
<issue tracker="cve" id="2019-7164"/>
<category>security</category>
<rating>important</rating>
<packager>rhafer</packager>
<description>This update for python-SQLAlchemy fixes the following issues:
Security issues fixed:
- CVE-2019-7164: Fixed SQL Injection via the order_by parameter (bsc#1124593).
- CVE-2019-7548: Fixed SQL Injection via the group_by parameter (bsc#1124593).
</description>
<summary>Security update for python-SQLAlchemy</summary>
</patchinfo>